4 matches found
WordPress King Addons Flaw Under Active Attack Lets Hackers Make Admin Accounts
A critical security flaw impacting a WordPress plugin known as King Addons for Elementor has come under active exploitation in the wild. The vulnerability, CVE-2025-8489 CVSS score: 9.8, is a case of privilege escalation that allows unauthenticated attackers to grant themselves administrative...
CVE-2025-8489 King Addons for Elementor – Free Elements, Widgets, Templates, and Features for Elementor 24.12.92 - 51.1.14 - Unauthenticated Privilege Escalation
The King Addons for Elementor – Free Elements, Widgets, Templates, and Features for Elementor plugin for WordPress is vulnerable to privilege escalation in versions 24.12.92 to 51.1.14 . This is due to the plugin not properly restricting the roles that users can register with. This makes it...
CVE-2025-8489
The CVE-2025-8489 vulnerability affects WordPress plugin King Addons for Elementor (versions 24.12.92–51.1.14). It arises from insufficient restriction of registration roles, allowing unauthenticated users to register as administrator accounts (privilege escalation). Exploitation details in conne...
VulnCheck KEV: CVE-2025-8489
The King Addons for Elementor – Free Elements, Widgets, Templates, and Features for Elementor plugin for WordPress is vulnerable to privilege escalation in versions 24.12.92 to 51.1.14 . This is due to the plugin not properly restricting the roles that users can register with. This makes it...